As you know, deleting a file by pressing shift-delete or by using the Trash doesn't mean that the file is unrecoverable. It's data persists on your computer.

In day to day life, adversaries use recovery programs to attempt to undelete private data.

There are some program that provide secure erasure such as wipe and shred. As one knows, these programs require more time to perform secure erasure than standard deletion tools take to perform typical erasure.

How should we protect our private data from adversaries?

How should one store his/her data in memory?

Is there an encryption algorithm that will protect data as it is stored?

Should one use a journaling filesystem?

Can one password protect all types of memory?

Some adversaries have advanced tools to recover our private data. To protect against these threats, should we harden our home computer to protect against these threat?

I downvoted this question because the first three paragraphs don't actually coincide with the purpose of the question (as stated in the title). At first I was going to suggest editing the title, but then I read the rest of the question and determined this is actually 7 or 8 questions in one.
–
JosephAug 22 '11 at 19:12

5 Answers
5

It depends on the data and more specifically what has access to the system where the data is. The easy scenario here is you have a system that is removed from the internet and you have it within your residence. The steps you would need to protect your data are to ensure that you have a multi-lock system on the door (deadbolt plus regular lock for example), that there are ideally no windows, if there are make sure to have Charlie bars(so the amount of force required to force open the window is greatly increased) and above all else keep them locked. Now in terms of protecting the actual system in this scenario use an image based password system, this will make it very "difficult" for an automated program to crack in the event of compromise. A common mistake people make when encrypting data is that they do not encrypt every bit this makes it far more complex to take pieces away, similar to stealing a sausage.
Now for the real world example of how do you protect your private data on the system that is undoubtedly on the internet, running adobe products and Java. Follow all the steps previously outlined plus the following: Install an opensource IDS/IPS, get an anti-virus program, get a malware program. It is critical that all of these are from different vendors, as it requires far more to break into the system in this manner. Rotate passwords for your home system, I typically use a throw away password on sites that require me to create a username and password and contain only trivial information. Do not do this for a bank account. If possible rotate usernames as well, this will theoretically decrease the probability of matching passwords + usernames. Above all else keep your system patched, and try to use a virtual machine when possible, this will ensure that you can keep your environment in a consistent state.

How should one store his/her data in memory?

If we are talking about during runtime, let the operating system handle this for you, far more intelligent people than you or I have worked long and hard on these mechanisms. If you are not talking about this leave a comment.

Is there an encryption algorithm that will protect data as it is stored?

That is the purpose of encryption algorithms, you run the data through and get a scrambled version of it.

Should one use a journaling filesystem?

I do not see what this grants over a remote repository that has data backups of your system. In the event of disk failure there is no gain here.

Can one password protect all types of memory?

USB sticks can be encrypted and Rory's post indicates the same for RAM. Hard drives can be encrypted as well, just remember the potential performance loss on these.

To protect against these threats, should we harden our home computer to protect against these threat?

That depends on the value of the information being processed on the system and who you intend to protect against. There are essentially two physical threats to your home systems:

Theft. Somebody opportunistically takes your computer system.

Surveillance, followed by possible theft. When I say surveillance, I mean that in very broad terms - anyone who is able to observe the entry of passphrases for private keys, disk decryption etc can potentially record that entry.

Disk Encryption?

In the case of disk encryption, it is a very good solution for the first case assuming the computer, when stolen, is powered down or the act of stealing it forces it to be powered down (a desktop fits this bill unless the attacker comes prepared with a UPS...).

However, disk encryption cannot protect you from surveillance-based threats. The fundamental assumption of cryptography is that the decryption process is being done in a secure environment; all an adversary needs to do is to see the input of the password in such a way they can record it. There are many techniques to do this (keyloggers, cameras) and a few techniques for avoiding it (multi factor authentication).

Disk encryption also stops protecting your system as soon as the disks are decrypted (power on). The keys are "in memory" and whilst they may not be readable (i.e. in a self encrypting drive where the OS can't reach - it's worth noting the BIOS can because the implementation of self-encrypting drives requires interrupting the boot process of the BIOS) there is absolutely no access control performed by usual whole disk encryption. You can still get a virus and see every file the OS lets you see.

One approach that is harder to break is the approach taken by Encrypted NTFS, namely that the FEK (File Encrypting Key) is encrypted by public keys, thereby implementing a level of access control. However, when you are logged in as the user holding the private key, the same problem occurs.

So in effect, disk encryption does nothing to mitigate the "internet-facing" vulnerability.

Should one use a journalling filesystem?

Yes, purely on the basis you'd have to go to quite a bit of effort to find a file system without journalling. You'd be looking for VFAT (FAT32) or ext2 or some other ancient setup.

Journalling also provides you with significant corruption-avoiding benefits that you want. There's no point in protecting your data only to have the applications you use it with clobber it.

Finally, if the encryption layer you're using can't handle journalling, find a new one. There's no reason that data should reach the disk unencrypted, whether it's in the journal area or actually on storage. That includes the journal meta-data.

Can one password protect all types of memory?

If you are so minded, yes. I'm assuming you mean password protected via encryption here. There's an implementation issue with this level of protection - namely, most crypto services hold keys in memory so that you don't have to re-enter the password every time you want to write to or read from, say, RAM. If you had to do that, you'd find your computer unusable. It would also greatly increase the chance of password observation and is therefore self-defeating.

Applications encrypting their own data, stack and heap variables is not a new idea and will make "scraping ram" harder. However, there are some fundamental problems with this as a defence, namely if another application can read your applications' ram, it has gained access to supervisor mode rings on your cpu (assuming x86/x86_64). If this has happened, it's game set and match to the attacker anyway, so I rarely see the point using encrypted ram. Unless of course you're still using DOS (in DOS, all programs can read the memory of other programs)?

To add icing to the cake on encrypted RAM, the fact is, to encrypt it, your application had to have it unencrypted anyway, also in RAM, which means you're only making it harder, not impossible.

What should I do?

Use whole disk encryption anyway. This protects your data against theft as in opportunistic thieving and means you can throw the hard disk away and it will be reasonably difficult to extract anything meaningful from it for some time.

Forget about encryption as the ultimate solution and focus on protecting the integrity of your operating system from other forms of attack which are far more likely to steal your data. For example:

Use appropriate security on the web - HTTPS, Javascript blockers, firewalls, antivirus (won't help you against the latest threats, but saying AV is useless is like saying because we can't yet prevent cancer you shouldn't have a TB vaccine - it filters out all the known and yet still circling threats) - the usual drill, basically.

Patch your system. Turn on Windows update, regularly run yum update or whatever update mechanism you have. When bugs of a security-compromising nature are fixed, make sure you have the patch.

Only install software you can reasonably trust.

Reduce things running with Administrator privileges and don't run as an Admin account yourself - i.e. reduce the attack surface.

To be honest, I think a discussion about ensuring secure password entry and physical access to your home computer is probably wandering into the realms of fantasy and is also probably disproportionate to the risk to your data. Most sensitive personal data people hold is also held elsewhere by their doctor, bank, utility company, social networking website etc and your ISP could easily log your internet activity. There is not much you can personally do about the security of that information and it is unlikely all such information is heavily protected, although the more sensitive material (bank account details, etc) usually is.

You need to do a cost / benefit analysis, with some risk analysis. The answers to your questions depend very much on that.

Careful use of whole disc encryption will protect against most of the things you mention. But if an attacker is determined enough they could just {beat you / threaten you with prison} until you hand over the key.

A person could spend a lot of time and money creating a hardened system, but then not spend any time or money on good doors and locks, or on security guards, or off-site back-ups, etc.

This is a few questions in one, but I think can be answered by the same info.

As many folks have said - this depends on what the data is, who you are, who the likely adversaries are, how risk averse you are etc. Large corporates tend to carry out formal risk assessments, but users don't - and I think they really should, as they could be badly impacted in the event of a compromise of their computer, which may contain banking details, personal emails and other data considered sensitive.

Encrypted disks are fast enough these days that for a normal user they are a worthwhile starting place, however be aware that forgetting your key will mean you lose all your data. Most of them will just work once enabled, and will effectively protect your computer from boot up - although there have been some attacks demonstrated (although I don't think seen in the wild yet) at driver level against software disk encryption, so if your risk is high you will need to think about hardened encrypted disks and TPM.

You could use encrypted RAM if you have a specific threat which requires you to secure against real time forensic analysis of applications and data in memory. This is an odd and fairly esoteric risk through - don't think you have to worry unless you are in a particular military area...

Journalling is a good idea if you specifically worry about data loss during writes to disk, however if you are worried about disk failure, RAID is likely to provide a more resilient system.

I know what TPM means Trusted Platform Module And you know TPM is a hardware component used to protect crypto variables (keys), but I don't know if everyone else knows what a TPM is.
–
this.joshAug 29 '11 at 7:20

You make a good point:-) You can tell when I've had days only talking to security folks, can't you...
–
Rory Alsop♦Aug 29 '11 at 7:40

Yes, its the tinfoil hat that gives it away.
–
this.joshAug 29 '11 at 17:25

Interesting question, but as always it depends on what you're trying to protect and from
whom.

You could start by installing TrueCrypt for on the fly disk encryption. This could allow you to even have a hidden operating system and put a password on the MBR sector that would conditionally boot into the hidden OS or the regular one.

You should also get into the habit of shutting down your PC (don't just put it to sleep or hibernate as that is going to save state).

If you feel really paranoid you could use an in-RAM OS such as Knoppix that disappears from memory once it's shutdown.

Seeing what they did with the Stuxnet worm I wouldn't say you'd be able to protect yourself from resourceful governments (especially if you run Windows) but you could make it less worth it to go after you (they have a budget too!). I guess there would still be an advantage in running something safer such as OpenBSD, but if you do keep this in mind

I guess there would still be a chance they might get to you and your password with keyloggers, or by replacing some network device that you're connecting to. You can't really protect from a keylogger or a rootkit (especially with these joke antivirus that are generally available) if they have a zero-day (or twenty) in their hands so maybe in that case the best way to protect yourself in communication is encryption + some steganography.

I wouldn't even trust stuff like TOR or VPN that much as they might be running the service :)

In the end, even if as you say you can build a castle, law enforcement can force you to give the password unless you want to spend the rest of your life in jail, that's far easier and cheaper for them than anything they might be able to do on the technical front.

-1 the answer does not address the questions asked by the OP and contain mostly personal preferences and opinions. I would suggest that the answer is revised to answer the questions.
–
ChristofferAug 22 '11 at 12:57

Eraser and similar are pointless unless the attacker is clueless. Data from files is scattered in many places (in some file systems) and eraser does not scrub all of those.
–
DanBealeAug 25 '11 at 17:44